Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/ad18a0-b32c-4fcb-be9c-1caf0611374d/1/g24F8Llst1sNUigDfQWGFU0I9IQ.roa
File: g24F8Llst1sNUigDfQWGFU0I9IQ.roa (raw, json)
Hash identifier: c83GucemRIepkpNjRZ45/8/pFwlicGwynHf5Pkz88xI=
Subject key identifier: 83:6E:05:F0:B9:6C:B7:5B:0D:52:28:03:7D:05:86:15:4D:08:F4:84
Certificate issuer: /CN=08819c27a5be3d2db222b05637447ed6e8324873
Certificate serial: 018CC50110E2A1A857E9ADEA7BBCA6E16E1E
Authority key identifier: 08:81:9C:27:A5:BE:3D:2D:B2:22:B0:56:37:44:7E:D6:E8:32:48:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIGcJ6W-PS2yIrBWN0R-1ugySHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/ad18a0-b32c-4fcb-be9c-1caf0611374d/1/g24F8Llst1sNUigDfQWGFU0I9IQ.roa
Signing time: Mon 01 Jan 2024 12:30:30 +0000
ROA not before: Mon 01 Jan 2024 12:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198028
IP address blocks: 194.12.51.0/24 maxlen: 24
194.12.52.0/24 maxlen: 24
194.12.55.0/24 maxlen: 24
194.12.53.0/24 maxlen: 24
194.12.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/ad18a0-b32c-4fcb-be9c-1caf0611374d/1/CIGcJ6W-PS2yIrBWN0R-1ugySHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/ad18a0-b32c-4fcb-be9c-1caf0611374d/1/CIGcJ6W-PS2yIrBWN0R-1ugySHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIGcJ6W-PS2yIrBWN0R-1ugySHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:10:e2:a1:a8:57:e9:ad:ea:7b:bc:a6:e1:6e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08819c27a5be3d2db222b05637447ed6e8324873
Validity
Not Before: Jan 1 12:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=836e05f0b96cb75b0d5228037d0586154d08f484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7e:12:44:6c:0c:ff:f8:4d:32:5b:a4:65:d5:
d7:cc:60:83:d4:6f:db:9b:36:0f:5b:87:f6:c4:5d:
0c:a1:9a:88:81:d5:22:da:71:b0:77:8e:4e:c8:da:
d5:fc:f6:5f:8e:dc:74:7a:30:79:a8:88:19:ea:05:
e5:9c:77:61:3d:72:dd:92:ca:ec:5f:e7:2b:9f:eb:
d5:03:92:43:bf:6e:e4:b0:db:09:88:bc:a1:d4:d1:
22:5c:aa:46:ba:ca:1a:7d:be:74:fb:ba:80:51:6e:
9d:98:e0:fc:ee:ae:f3:b0:13:09:55:aa:20:f5:bd:
ff:75:55:f2:ae:31:66:bc:72:08:4e:fb:c4:36:95:
bf:ce:01:55:b0:95:3a:c5:6c:bd:08:18:c6:6a:01:
ba:22:8e:19:89:2e:6b:f3:69:fb:24:f7:e1:35:a1:
59:49:2d:14:c0:e0:ac:6e:06:25:9c:8b:5d:36:16:
84:60:1f:68:66:fe:d4:df:ad:6f:1e:73:db:4c:4c:
68:2d:41:ce:d0:ad:80:19:f2:74:dd:bc:d3:d3:51:
2d:dd:5a:79:5e:34:22:13:00:88:d3:aa:47:39:60:
30:a3:a2:7a:e2:7b:4a:89:6a:f4:c2:5e:1c:a9:26:
a8:8a:b4:05:3e:a3:08:ef:52:35:59:12:aa:bb:57:
8b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:6E:05:F0:B9:6C:B7:5B:0D:52:28:03:7D:05:86:15:4D:08:F4:84
X509v3 Authority Key Identifier:
keyid:08:81:9C:27:A5:BE:3D:2D:B2:22:B0:56:37:44:7E:D6:E8:32:48:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIGcJ6W-PS2yIrBWN0R-1ugySHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/ad18a0-b32c-4fcb-be9c-1caf0611374d/1/g24F8Llst1sNUigDfQWGFU0I9IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/ad18a0-b32c-4fcb-be9c-1caf0611374d/1/CIGcJ6W-PS2yIrBWN0R-1ugySHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.12.51.0-194.12.55.255
Signature Algorithm: sha256WithRSAEncryption
4e:cc:8e:65:c8:c6:d0:87:81:68:bf:72:b4:40:b9:51:83:a0:
d1:9a:fb:d3:9a:9c:5c:78:a4:b0:e4:4e:16:79:17:ef:f6:da:
b7:08:a5:c4:e1:f6:e8:a3:5a:04:f5:fb:87:86:b7:a3:df:dd:
17:d0:98:c4:1c:e1:95:bf:9a:a5:c4:ca:1e:c7:7d:1b:d3:48:
ed:60:ca:2c:42:da:05:26:01:ca:7f:c2:e6:d0:ae:a4:53:91:
72:2e:67:e9:9e:e6:e7:25:a6:ae:d5:3a:fe:5e:b7:60:2b:40:
3b:d5:05:4b:03:ec:18:c5:eb:f2:a0:e0:d2:3c:52:49:86:b5:
0d:23:ca:2a:fb:93:e0:b8:0b:97:9c:cc:30:d2:9f:b4:e4:f2:
f0:f5:10:97:1e:11:48:b7:f7:82:27:60:aa:62:5b:49:54:af:
cc:b5:4a:70:1e:34:a4:21:87:1d:10:cc:d0:94:4d:49:bd:97:
73:2d:e2:38:e8:44:70:0a:8f:8b:c3:f3:c2:56:74:83:8a:fc:
4e:11:e3:39:c5:13:65:11:81:b5:1e:c2:a7:e1:ee:42:bb:c9:
72:99:ae:db:22:45:d4:86:43:95:4e:d2:a5:2f:f1:1f:3f:fc:
52:44:21:eb:6f:a0:82:8a:c2:77:00:b6:29:1f:7b:18:b0:65:
c5:09:e9:09
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFARDioahX6a3qe7ym4W4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODE5YzI3YTViZTNkMmRiMjIyYjA1NjM3NDQ3ZWQ2ZTgz
MjQ4NzMwHhcNMjQwMTAxMTIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzZlMDVmMGI5NmNiNzViMGQ1MjI4MDM3ZDA1ODYxNTRkMDhmNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApX4SRGwM//hNMlukZdXXzGCD1G/b
mzYPW4f2xF0MoZqIgdUi2nGwd45OyNrV/PZfjtx0ejB5qIgZ6gXlnHdhPXLdksrs
X+crn+vVA5JDv27ksNsJiLyh1NEiXKpGusoafb50+7qAUW6dmOD87q7zsBMJVaog
9b3/dVXyrjFmvHIITvvENpW/zgFVsJU6xWy9CBjGagG6Io4ZiS5r82n7JPfhNaFZ
SS0UwOCsbgYlnItdNhaEYB9oZv7U361vHnPbTExoLUHO0K2AGfJ03bzT01Et3Vp5
XjQiEwCI06pHOWAwo6J64ntKiWr0wl4cqSaoirQFPqMI71I1WRKqu1eLmQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFINuBfC5bLdbDVIoA30FhhVNCPSEMB8GA1UdIwQY
MBaAFAiBnCelvj0tsiKwVjdEftboMkhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lHY0o2Vy1QUzJ5SXJCV04wUi0xdWd5U0hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hZDE4YTAtYjMyYy00ZmNiLWJlOWMt
MWNhZjA2MTEzNzRkLzEvZzI0RjhMbHN0MXNOVWlnRGZRV0dGVTBJOUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hZDE4YTAtYjMyYy00ZmNiLWJlOWMtMWNhZjA2MTEzNzRk
LzEvQ0lHY0o2Vy1QUzJ5SXJCV04wUi0xdWd5U0hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCDDMD
BAPCDDAwDQYJKoZIhvcNAQELBQADggEBAE7MjmXIxtCHgWi/crRAuVGDoNGa+9Oa
nFx4pLDkThZ5F+/22rcIpcTh9uijWgT1+4eGt6Pf3RfQmMQc4ZW/mqXEyh7HfRvT
SO1gyixC2gUmAcp/wubQrqRTkXIuZ+me5uclpq7VOv5et2ArQDvVBUsD7BjF6/Kg
4NI8UkmGtQ0jyir7k+C4C5eczDDSn7Tk8vD1EJceEUi394InYKpiW0lUr8y1SnAe
NKQhhx0QzNCUTUm9l3Mt4jjoRHAKj4vD88JWdIOK/E4R4znFE2URgbUewqfh7kK7
yXKZrtsiRdSGQ5VO0qUv8R8//FJEIetvoIKKwncAtikfexiwZcUJ6Qk=
-----END CERTIFICATE-----
Generated at Sat Dec 28 03:00:15 2024 by rpki-client on console-ams.rpki-client.org